parent
a40299be92
commit
fe162a50b8
|
@ -0,0 +1,53 @@
|
|||
[Match]
|
||||
Name=eth0
|
||||
|
||||
## Only use one of these blocks!!
|
||||
|
||||
### DHCP (default most want)
|
||||
[Network]
|
||||
DHCP=yes
|
||||
|
||||
DNSOverTLS=opportunistic
|
||||
|
||||
DNS=1.1.1.1
|
||||
|
||||
DNS=1.0.0.1
|
||||
|
||||
# Link discovery causes some issues so disable it.
|
||||
LLDP=no
|
||||
|
||||
## dhcp config end
|
||||
|
||||
## LAN
|
||||
# Uncomment all below if you want to use eth0 as a lan network.
|
||||
#[Network]
|
||||
# IP address range.
|
||||
#Address=192.168.156.1/24
|
||||
|
||||
# Packet forwarding.
|
||||
#IPForward=yes
|
||||
|
||||
# Masquerade.
|
||||
#IPMasquerade=both
|
||||
|
||||
# Link discovery causes some issues so disable it.
|
||||
#LLDP=no
|
||||
|
||||
#[DHCPServer]
|
||||
|
||||
# Lease time
|
||||
#DefaultLeaseTimeSec=300
|
||||
|
||||
# DNS to serve
|
||||
#DNS=1.1.1.1
|
||||
#DNS=1.0.0.1
|
||||
|
||||
# Enable serving of DHCP addresses from the network range.
|
||||
#DHCPServer=yes
|
||||
|
||||
# Below not supported systemd < 250
|
||||
#[DHCPServerStaticLease]
|
||||
#MACAddress=xx:xx:xx:xx:xx:xx
|
||||
#Address=192.168.156.2
|
||||
|
||||
## lan end
|
|
@ -0,0 +1,14 @@
|
|||
[Match]
|
||||
Name=wwan0
|
||||
|
||||
[Network]
|
||||
DHCP=yes
|
||||
|
||||
DNSOverTLS=opportunistic
|
||||
|
||||
DNS=1.1.1.1
|
||||
|
||||
DNS=1.0.0.1
|
||||
|
||||
# Link discovery causes some issues so disable it.
|
||||
LLDP=no
|
|
@ -0,0 +1,14 @@
|
|||
[Match]
|
||||
Name=usb0
|
||||
|
||||
[Network]
|
||||
DHCP=yes
|
||||
|
||||
DNSOverTLS=opportunistic
|
||||
|
||||
DNS=1.1.1.1
|
||||
|
||||
DNS=1.0.0.1
|
||||
|
||||
# Link discovery causes some issues so disable it.
|
||||
LLDP=no
|
|
@ -0,0 +1,15 @@
|
|||
# Requires /etc/wpa_supplicant/wpa_supplicant-wlan0.conf to exist.
|
||||
[Match]
|
||||
Name=wlan0
|
||||
|
||||
[Network]
|
||||
DHCP=yes
|
||||
|
||||
DNSOverTLS=opportunistic
|
||||
|
||||
DNS=1.1.1.1
|
||||
|
||||
DNS=1.0.0.1
|
||||
|
||||
# Link discovery causes some issues so disable it.
|
||||
LLDP=no
|
|
@ -1,12 +1,18 @@
|
|||
[NetDev]
|
||||
Name=wgs0
|
||||
|
||||
Description=Wireguard Server Peer
|
||||
|
||||
Kind=wireguard
|
||||
|
||||
[WireGuard]
|
||||
|
||||
# Port to listen on.
|
||||
ListenPort=31987
|
||||
ListenPort=500
|
||||
|
||||
# I usually set this to the port number above it's not really needed
|
||||
# but useful for firewalls.
|
||||
FirewallMark=500
|
||||
|
||||
# The Base64 encoded private key for the interface. It can be generated
|
||||
# using the wg genkey command (see wg(8)). This option or
|
||||
|
@ -14,8 +20,11 @@ ListenPort=31987
|
|||
# information is secret, you may want to set the permissions of the
|
||||
# .netdev file to be owned by "root:systemd-network" with a "0640" file
|
||||
# mode.
|
||||
PrivateKey=<YOUR KEY HERE>
|
||||
PrivateKey=<KEY>
|
||||
|
||||
# Public key for the above private key. Only here as a reminder.
|
||||
# systemd will ignore if uncommented.
|
||||
#PublicKey=<PUBKEY>
|
||||
|
||||
# Your Peers.
|
||||
[WireGuardPeer]
|
||||
|
@ -23,10 +32,10 @@ PrivateKey=<YOUR KEY HERE>
|
|||
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
||||
# private key, and usually transmitted out of band to the author of the
|
||||
# configuration file. This option is mandatory for this section.
|
||||
#PublicKey=<YOUR KEY HERE>
|
||||
PublicKey=<KEY>
|
||||
|
||||
# Comma-separated list of IP addresses with CIDR masks from which this
|
||||
# peer is allowed to send incoming traffic and to which outgoing traffic
|
||||
# for this peer is directed.
|
||||
#AllowedIPs=10.0.0.2/32
|
||||
AllowedIPs=10.0.0.1.2/32
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
# Needs netdev for wgs0, wireguard & wireguard-tools installed to work.
|
||||
|
||||
[Match]
|
||||
Name=wgs0
|
||||
|
||||
[Network]
|
||||
Address=10.0.0.1/24
|
||||
IPForward=true
|
|
@ -1,29 +1,37 @@
|
|||
[NetDev]
|
||||
Name=wg0
|
||||
|
||||
Description=Wireguard Client Peer
|
||||
|
||||
Kind=wireguard
|
||||
|
||||
[WireGuard]
|
||||
|
||||
# I usually set this to the port number of the main peer it's not really
|
||||
# needed but useful for firewalls.
|
||||
FirewallMark=500
|
||||
|
||||
# The Base64 encoded private key for the interface. It can be generated
|
||||
# using the wg genkey command (see wg(8)). This option or
|
||||
# PrivateKeyFile= is mandatory to use WireGuard. Note that because this
|
||||
# information is secret, you may want to set the permissions of the
|
||||
# .netdev file to be owned by "root:systemd-network" with a "0640" file
|
||||
# mode.
|
||||
PrivateKey=<YOUR KEY HERE>
|
||||
PrivateKey=<KEY>
|
||||
|
||||
# Public key for the above private key. Only here as a reminder.
|
||||
#PublicKey=<PUBKEY>
|
||||
|
||||
# DNS
|
||||
DNS = 1.1.1.1, 1.0.0.1
|
||||
|
||||
|
||||
# Your Peers.
|
||||
[WireGuardPeer]
|
||||
|
||||
# Base64 encoded public key calculated by wg pubkey (see wg(8)) from a
|
||||
# private key, and usually transmitted out of band to the author of the
|
||||
# configuration file. This option is mandatory for this section.
|
||||
#PublicKey=<YOUR KEY HERE>
|
||||
PublicKey=<PUBKEY>
|
||||
|
||||
# Comma-separated list of IP addresses with CIDR masks from which this
|
||||
# peer is allowed to send incoming traffic and to which outgoing traffic
|
||||
|
@ -33,4 +41,4 @@ AllowedIPs=0.0.0.0/0, ::/0
|
|||
PersistentKeepalive=20
|
||||
|
||||
# Endpoint of a peer (for clients).
|
||||
#Endpoint=<ip>:<port>
|
||||
#Endpoint=<IP>:<PORT>
|
|
@ -2,3 +2,11 @@
|
|||
|
||||
[Match]
|
||||
Name=wg0
|
||||
|
||||
[Address]
|
||||
Address=10.0.0.2/24
|
||||
|
||||
[Route]
|
||||
Gateway=10.0.0.1
|
||||
|
||||
GatewayOnlink=true
|
|
@ -10,9 +10,7 @@ Say I have eth0 and want network access (and an IP via DHCP) from my router; I w
|
|||
|
||||
```
|
||||
sudo -s # Drop to root.
|
||||
cp -rv eth0* /etc/systemd/network/ # Copy the files.
|
||||
|
||||
cat examples/dhcp.conf >> /etc/systemd/network/eth0.network # Append example dhcp to eth0.network
|
||||
cp -rv 10-eth0* /etc/systemd/network/ # Copy the files.
|
||||
|
||||
systemctl enable --now systemd-networkd # Enable networkd now.
|
||||
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
[Match]
|
||||
Name=eth0
|
|
@ -0,0 +1 @@
|
|||
systemd-network configuration examples for use in other .net* files!
|
|
@ -1,37 +1,40 @@
|
|||
[Route]
|
||||
|
||||
# v4
|
||||
Gateway=<IPv4>
|
||||
|
||||
# v6
|
||||
Gateway=<IPv6>
|
||||
|
||||
# Not always needed but here just in case.
|
||||
#GatewayOnLink=yes
|
||||
|
||||
[Network]
|
||||
|
||||
# v4
|
||||
Address=<IPv4>/prefix
|
||||
|
||||
# v6
|
||||
Address=<IPv6>/prefix
|
||||
|
||||
|
||||
# DNS
|
||||
# 1.1.1.1 / 1.0.0.1 / 2606:4700:4700::1111 / 2606:4700:4700::1001
|
||||
# are Cloudflare
|
||||
# Put global network options here.
|
||||
DNSOverTLS=opportunistic
|
||||
|
||||
# v4
|
||||
DNS=1.1.1.1
|
||||
|
||||
DNS=1.0.0.1
|
||||
|
||||
# v6
|
||||
DNS=2606:4700:4700::1111
|
||||
DNS=2606:4700:4700::1001
|
||||
|
||||
# Link discovery causes some issues so disable it.
|
||||
LLDP=no
|
||||
|
||||
# IPv6 - must come before IPv4, or some weird things happen.
|
||||
[Route]
|
||||
# v6
|
||||
Gateway=<IPv6>
|
||||
|
||||
# Not always needed but here just in case.
|
||||
GatewayOnLink=yes
|
||||
|
||||
[Network]
|
||||
Address=<IPv6>/prefix
|
||||
|
||||
# DNS
|
||||
# Cloudflare 2606:4700:4700::1111 / 2606:4700:4700::1001
|
||||
DNS=2606:4700:4700::1111
|
||||
DNS=2606:4700:4700::1001
|
||||
|
||||
# IPv4
|
||||
[Route]
|
||||
Gateway=<IPv4>
|
||||
|
||||
# Not always needed but here just in case.
|
||||
GatewayOnLink=yes
|
||||
|
||||
[Network]
|
||||
# v4
|
||||
Address=<IPv4>/prefix
|
||||
|
||||
# DNS
|
||||
# Cloudflare 1.1.1.1 / 1.0.0.1
|
||||
DNS=1.1.1.1
|
||||
|
||||
DNS=1.0.0.1
|
||||
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
[Match]
|
||||
Name=usb0
|
|
@ -1,4 +0,0 @@
|
|||
# Needs wgs0.netdev & wireguard & wireguard-tools installed to work.
|
||||
|
||||
[Match]
|
||||
Name=wgs0
|
|
@ -1,3 +0,0 @@
|
|||
# Requires /etc/wpa_supplicant/wpa_supplicant-wlan0.conf to exist.
|
||||
[Match]
|
||||
Name=wlan0
|
|
@ -1,2 +0,0 @@
|
|||
[Match]
|
||||
Name=wwan0
|
|
@ -17,19 +17,18 @@ Wants=sys-subsystem-net-devices-wwan%i.device
|
|||
[Service]
|
||||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=300s
|
||||
TimeoutSec=300s
|
||||
TimeoutSec=240s
|
||||
|
||||
ExecStartPre=-qmi-network /dev/cdc-wdm%i stop
|
||||
ExecStartPre=-rm /tmp/qmi-network-state-cdc-wdm%i
|
||||
ExecStartPre=networkctl down wwan%i
|
||||
ExecStartPre=sh -c "echo 'Y' | tee /sys/class/net/wwan%i/qmi/raw_ip"
|
||||
|
||||
# Add any qmi-network options here as needed.
|
||||
ExecStartPre=qmi-network /dev/cdc-wdm%i start
|
||||
|
||||
|
||||
ExecStartPre=networkctl up wwan%i
|
||||
ExecStart=sh -e -c "while true; do ping -w 120 -I wwan%i -c 5 one.one.one.one || exit 1; sleep 240; done;"
|
||||
|
||||
ExecStart=sh -e -c "sleep 30; while true; do ping -w 120 -I wwan%i -c 5 one.one.one.one || exit 1; sleep 300; done;"
|
||||
|
||||
ExecStop=-rm /tmp/qmi-network-state-cdc-wdm%i
|
||||
ExecStop=networkctl down wwan%i
|
||||
ExecStop=qmi-network /dev/cdc-wdm%i stop
|
||||
|
||||
|
|
Loading…
Reference in New Issue